package current.security.filter;
import java.io.IOException;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import platform.util.Util;
import current.security.access.AccessValidateService;

public class SecurityMainFilter implements Filter {

    protected FilterConfig filterConfig = null;
    private String extension;
	public void destroy() {
        this.filterConfig = null;
    }

    @SuppressWarnings("unchecked")
	public void doFilter(ServletRequest servletRequest,
            ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        //将/PRS替换为空字串
        String url = request.getRequestURI().replaceFirst(request.getContextPath(), "");
        //获取请求路径的扩展名
        String extension = url.indexOf(".") != -1 ? url.substring(url.lastIndexOf(".")) : url;
        //如果扩展名是配置文件的一种则不需要验证
        if(this.extension.indexOf(extension) != -1 || "/".equals(url)){
        	filterChain.doFilter(request, response);
        }else{//否则进入验证逻辑
        	//获取appliaction中的权限MAP
        	Map<String, String> map = (Map<String, String>)request.getSession().getServletContext().getAttribute("urlAuthorities");
            //获取spring容器中的验证service
        	AccessValidateService accessValidateService = (AccessValidateService) Util.getService("accessValidateService",request.getSession().getServletContext());
            //获取此用户的信息
        	Map<String ,Object> suser = (Map<String, Object>)request.getSession().getAttribute("user");
            //进行验证，如果通过则继续执行，否则验证失败
        	String result = accessValidateService.isAllowAccess(map, suser, url);
        	if(result != null && (result.equals("REJECT") || result.equals("ACCEPT"))){
        		filterChain.doFilter(request, response);
        	}else if(result != null && (result.equals("NOTLOGON"))){
        		//失败之后跳转到错误页面
        		request.getRequestDispatcher("/pages/pastTime.jsp").forward(request, response);
        	}else if(result != null && (result.equals("REFUSED"))){
        		//失败之后跳转到错误页面
        		request.getRequestDispatcher("/common/jsp/403.jsp").forward(request, response);
        	}else if(result != null && (result.equals("ERROR"))){
        		//失败之后跳转到错误页面
        		request.getRequestDispatcher("/common/jsp/403.jsp").forward(request, response);
        	}
        }

    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        this.extension = filterConfig.getInitParameter("extension");
    }

	public String getExtension() {
		return extension;
	}

	public void setExtension(String extension) {
		this.extension = extension;
	}
}